NHS ransomware: UK government says it's North Korea's fault WannaCry happened

The Foreign Office said it will find, pursue and respond to the malicious activity

15/05/2017: Labour says NHS is 'wide open' to cyber attacks

The government's response to the recent NHS cyber attack has been described as 'chaotic' by Labour, arguing that recent cuts have left hospitals 'wide open' to hacks.

Shadow health secretary Jon Ashworth has said Labour would invest an extra 5 billion into new IT infrastructure for the NHS, after hospitals and services were affected by the widespread ransomware attack on Friday.

Speaking to Sky News, Ashworth said: "The truth is, if you're going to cut infrastructure budgets and if you're not going to allow the NHS to invest in upgrading its IT, then you are going to leave hospitals wide open to this sort of attack."

Advertisement - Article continues below

The comments coincide with allegations that health secretary Jeremy Hunt was previously warned that the NHS was susceptible to cyber attacks of this kind, following an assessment he commissioned last year, according to the BBC.Diane Fiona Caldicott and the Care Quality Commission assessed the cybersecurity capabilities of 60 hospitals throughout the UK, which found that not only were many sites still using outdated IT systems, but the report identified an increasing number cases where malware was being sent by email.

However, security minister Ben Wallace claimed the NHS were following "pretty good procedures" for dealing with the cyber attack, and insisted that affected trusts had enough resources to deal with attacks of this kind.

"We make sure the trusts are aware of their vulnerabilities and ask them to make sure they keep themselves up to date. What we don't do in our NHS is micromanage it from the desk," said Wallace, speaking to BBC Breakfast.

It is thought 47 NHS trusts were affected by the ransomware attack, which will continue to cause disruption through the coming week.

United Lincolnshire Trust said it has been forced to cancel all routine appointments in its hospitals on Monday, while Northumbria Healthcare has postponed all CT and MRI scans until further notice.Southport and Ormskirk Hospital Trust will run GP appointments as normal on Monday throughout West Lancashire, however it is advising patients to expect severe delays.

15/05/2017:Microsoft points to NSA leaks for NHS ransomware

Microsoft has confirmed the exploits that took out NHS networks and others around the world last week were stolen from the US National Security Agency, as security experts warned the ransomware could start spreading again today as workers startup their computers.

On Friday, the WannaCrypt or WannaDecryptor malware exploded across networks, including 16 NHS systems, leading to ambulances being diverted and some appointments being cancelled. The ransomware wasn't specifically targeted at the NHS, but part of a wider attack that took in organisations around the world.

The spread of the ransomware was partially halted by one British security researcher, who bought a domain listed in software and was rewarded for their efforts by having their identity revealed by British tabloids.

Microsoft also released a patch for XP, which is no longer being supported except by special arrangement and extra fees, which the British government decided against paying. NHS Direct said fewer than 4.7% of its devices use XP, and that includes "expensive hardware" such as MRI scanners that aren't easily updated.

Advertisement - Article continues below

In a blog post, Microsoft's legal counsel Brad Smith said companies like his own were "increasingly among the first responders" in such attacks, and that online security is a "shared responsibility between tech companies and customers".

Customers be they individuals or corporations need to keep their machines updated, but Smith admitted that's not always easy, adding "we are dedicated to developing further steps to help ensure security updates are applied immediately to all IT environments".

Such work is made harder when governments are stockpiling and then losing vulnerabilities, he added, confirming that the exploits abused to infect the NHS and the other organisations on Friday were indeed those stolen by the NSA earlier this year.

"We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world," he said. "Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen."

Smith said the attack should be a "wake-up call" to governments on cybersecurity. "They need to take a different approach and adhere in cyberspace to the same rules applied to weapons in the physical world," he said. "We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits."

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now

Most Popular

Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Amazon Web Services (AWS)

What to expect from AWS Re:Invent 2019

29 Nov 2019
Business strategy

Huawei takes the US trade sanctions into its own hands

3 Dec 2019

Five signs that it’s time to retire IT kit

29 Nov 2019